In recent years, cellular or personal communication service type mobile telephones have emerged as a must-have appliance among mobile professionals and consumers alike, growing in popularity every year since they were first introduced. The public has come to accept that mobile service enhances business and personal communications and may contribute to personal security. Consequently, mobile communication is becoming increasingly popular, particularly for voice-grade telephone services, and more recently for data communication services.
The cellular wireless networks originally were designed to service circuit-switched voice communications. More recently, many mobile service providers have been upgrading the wireless networks to support packet-switched data communications services, which are intended to extend the common data communication capabilities of the wired domain to the wireless mobile domain. For such services, a node of the radio access network (RAN) provides an interface between the transmission of the packet data over the air interface of the radio network and the transmission of the packet data in the fixed network.
A packet-switched network routes each packet individually through the network, though not necessarily through a common path; as opposed to the traditional circuit switched approach to telephone service and the like that provides a path through the network for the duration of the communication session. Packet switching uses a standard packet protocol, such as the Internet Protocol (IP). The routing decision regarding each packet's next hop through the packet switched network is made on a hop-by-hop basis (typically between neighboring switching nodes). A circuit switched link provides constant sequential throughput with minimal delay caused by the network. In contrast, because they take different paths, different packets take different times to transit the network and may even arrive out of sequence.
The wireless data services, for example, support a range of communication applications utilizing two-way packet-switched packetized data, such as browsing, instant messaging, e-mail and the like. Wireless network operations for data calls are tailored to support traditional IP packet-based service applications. To conduct packet data communications through such a network, as in any other IP-based packet data network, each operating mobile station must have its own IP address. The station uses the IP address as a source identifier, when sending packets, and other data terminals on the wide area packet data network(s) use the IP address as a destination address when sending packets to the mobile station. The various points in the network that must decide how to route the packets rely in major part on analysis of the addresses in the packet headers to make such decisions.
In many cases, the addresses are assigned to terminals on a temporary basis, e.g. for the duration of a session. However, some data terminals have permanently assigned or “static” IP addresses that they keep all of the time. In the mobile network, some mobile stations similarly have statically assigned IP addresses. For static IP subscribers, the prior practice has been to rely on the terminal to provide the static IP address, which requires the service provider to program the static IP address into the respective mobile station. Mobile packet data operations also require that the station know the IP address of its assigned home agent, which is a node of the network that receives packets addressed to the mobile station and forwards them to the station's current roaming location in the network. For static IP subscribers, this has required additional pre-provisioning of the mobile station with the home agent IP address (HA IP). One disadvantage of that current solution is that the service providers need to pre-provision the static IP address and HA IP address into the terminal. Such provisioning tasks create noticeable amounts of work for the carrier's technical support personnel.
Also, if a service provider needs to move a static IP subscriber into a region served by a different home agent (HA) node, which itself has a different HA IP address, then the static IP subscriber will need to bring the mobile station into the provider's store or service center, to allow technical personnel to modify the Home Agent IP address programmed in the mobile station. The need for the customer to take the mobile station to the provider's location has been a major disturbance for the affected subscribers.
Similarly, if the static IP subscriber decides to either change from the static IP service to dynamic IP service, or to change the static Home IP address, the subscriber again must bring the mobile station into the provider's store or service center, to allow technical personnel to modify the Home IP address to 0.0.0.0 or to the new value for the static Home IP address. This need for the customer to take the mobile station to the provider's location again is a major disturbance for the affected subscribers. In addition, when there is a change, the service provider has no way to stop the subscriber from continuing to use the static IP service, unless and until the subscriber takes the mobile station to a store or service center for re-programming, which potentially reduces the service provider's revenue.
Also, a potential fraud issue relates to MIP static IP subscribers. The IS-835 standard does not provide any mechanism to prevent a valid subscriber from using another subscriber's static IP. This allows a fraudulent person to hijack another subscriber's information. For example, a fraudulent person, who is a valid static IP subscriber, can send his valid NAI, MN-AAA, MN-HA, FA-Challenge, but program his mobile station to send another subscriber's static IP address via the mobile request message (RRQ). All information except the static IP address will be sent to the AAA server for validation. The AAA server will grant the request, as the fraudulent person is a valid static IP subscriber. However, actual communications are conducted using the victim's fraudulently obtained static IP address. From then until his mobile station disconnects, the fraudulent person is allowed to receive the other person's “pushed” services. Some of those may be confidential.
It is believed that this fraud issue may even extend to permit abuse by hackers subscribing to dynamic assignment service, for example mobile IP (MIP) service. With the current standards-based solution, any subscriber, whether dynamic or static, is able to request any static IP address from the network by providing non-default values in the mobile request message (RRQ). Since there is no validation of the addresses from that message with respect to the particular mobile station or subscriber, the network is likely to grant the static IP address, even for the dynamic IP subscriber/hacker. For example, assume that the hacker subscribes to dynamic IP service and the victim subscribes to static IP service, from the same provider. If the hacker knows the victim's static IP address, the hacker can modify her handset so as to provision the victim's static IP address and Home Agent IP address into her phone. Then, when the hacker initiates a data call from the modified mobile station, the station requests MIP service from the provider's wireless network but provides the static IP address and home agent IP address of the victim's static service. Most likely, the provider's network will grant the hacker's service request and assign the victim's static IP address to the hacker's mobile station for that specific session and duration. During that fraudulent session, the hacker is able to get all the proprietary and confidential “pushed information” from different servers that otherwise would be intended for delivery to the victim's mobile station. For example, this may allow the hacker to obtain information from the victim's bank, clients, etc.
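An added illustration (not part of the original text and not a mechanism defined by IS-835) of the check whose absence is described above: binding the addresses carried in the registration request to the profile of the authenticated NAI. The profile table, its field names and the `check_rrq` function are assumptions made for this example, and all addresses are constructed sample values.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Home address a dynamic-IP subscriber is expected to send (0.0.0.0).
UNSPECIFIED = ipaddress.ip_address("0.0.0.0")

@dataclass(frozen=True)
class Profile:                 # hypothetical per-subscriber record held by the AAA
    static_ip: Optional[str]   # None for dynamic-IP subscribers
    ha_ip: str                 # home agent assigned to the subscriber

# Constructed sample profiles, keyed by NAI (documentation address ranges).
PROFILES = {
    "alice@example.net": Profile("192.0.2.10", "198.51.100.1"),
    "bob@example.net": Profile("192.0.2.20", "198.51.100.1"),
    "carol@example.net": Profile(None, "198.51.100.1"),
}

def check_rrq(nai, home_addr, ha_addr, profiles=PROFILES):
    """Return (granted, reason) for a request whose credentials already validated.

    Authentication of the NAI is assumed to have succeeded; this step only
    checks that the requested addresses belong to that NAI.
    """
    profile = profiles.get(nai)
    if profile is None:
        return False, "unknown NAI"
    try:
        requested = ipaddress.ip_address(home_addr)
        requested_ha = ipaddress.ip_address(ha_addr)
    except ValueError:
        return False, "malformed address"
    if requested_ha != ipaddress.ip_address(profile.ha_ip):
        return False, "home agent not assigned to this subscriber"
    if profile.static_ip is None:
        # Dynamic subscriber: any concrete home address is a static-IP request.
        if requested != UNSPECIFIED:
            return False, "dynamic subscriber requested a static address"
        return True, "dynamic assignment"
    if requested != ipaddress.ip_address(profile.static_ip):
        return False, "static address not provisioned for this NAI"
    return True, "static address matches profile"
```

Denied requests are also worth logging with the NAI and the requested address, since a valid subscriber asking for someone else's static address is exactly the pattern described in the two paragraphs above.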
Hence a need exists for a technique to automatically provide static address information in a mobile communication device, that does not entail pre-programming of that information into the device, particularly without the need for programming by a carrier or service provider's technical personnel. An attendant need exists for enhancing security and reducing the potential for fraudulent misuse of static IP addresses in the wireless network.